Google Git
Sign in
cos / third_party / kernel / 63cd753c2414d04f689ed02a0630d569b6acf634 / . / Documentation / filesystems / coda.rst
blob: bdde7e4e010b955159ec3a9cd145dc4849f7208d [file] [log] [blame]
.. SPDX-License-Identifier: GPL-2.0
===========================
Coda Kernel-Venus Interface
===========================
.. Note::
This is one of the technical documents describing a component of
Coda -- this document describes the client kernel-Venus interface.
For more information:
http://www.coda.cs.cmu.edu
For user level software needed to run Coda:
ftp://ftp.coda.cs.cmu.edu
To run Coda you need to get a user level cache manager for the client,
named Venus, as well as tools to manipulate ACLs, to log in, etc. The
client needs to have the Coda filesystem selected in the kernel
configuration.
The server needs a user level server and at present does not depend on
kernel support.
The Venus kernel interface
Peter J. Braam
v1.0, Nov 9, 1997
This document describes the communication between Venus and kernel
level filesystem code needed for the operation of the Coda file sys-
tem. This document version is meant to describe the current interface
(version 1.0) as well as improvements we envisage.
.. Table of Contents
1. Introduction
2. Servicing Coda filesystem calls
3. The message layer
3.1 Implementation details
4. The interface at the call level
4.1 Data structures shared by the kernel and Venus
4.2 The pioctl interface
4.3 root
4.4 lookup
4.5 getattr
4.6 setattr
4.7 access
4.8 create
4.9 mkdir
4.10 link
4.11 symlink
4.12 remove
4.13 rmdir
4.14 readlink
4.15 open
4.16 close
4.17 ioctl
4.18 rename
4.19 readdir
4.20 vget
4.21 fsync
4.22 inactive
4.23 rdwr
4.24 odymount
4.25 ody_lookup
4.26 ody_expand
4.27 prefetch
4.28 signal
5. The minicache and downcalls
5.1 INVALIDATE
5.2 FLUSH
5.3 PURGEUSER
5.4 ZAPFILE
5.5 ZAPDIR
5.6 ZAPVNODE
5.7 PURGEFID
5.8 REPLACE
6. Initialization and cleanup
6.1 Requirements
1. Introduction
===============
A key component in the Coda Distributed File System is the cache
manager, Venus.
When processes on a Coda enabled system access files in the Coda
filesystem, requests are directed at the filesystem layer in the
operating system. The operating system will communicate with Venus to
service the request for the process. Venus manages a persistent
client cache and makes remote procedure calls to Coda file servers and
related servers (such as authentication servers) to service these
requests it receives from the operating system. When Venus has
serviced a request it replies to the operating system with appropriate
return codes, and other data related to the request. Optionally the
kernel support for Coda may maintain a minicache of recently processed
requests to limit the number of interactions with Venus. Venus
possesses the facility to inform the kernel when elements from its
minicache are no longer valid.
This document describes precisely this communication between the
kernel and Venus. The definitions of so called upcalls and downcalls
will be given with the format of the data they handle. We shall also
describe the semantic invariants resulting from the calls.
Historically Coda was implemented in a BSD file system in Mach 2.6.
The interface between the kernel and Venus is very similar to the BSD
VFS interface. Similar functionality is provided, and the format of
the parameters and returned data is very similar to the BSD VFS. This
leads to an almost natural environment for implementing a kernel-level
filesystem driver for Coda in a BSD system. However, other operating
systems such as Linux and Windows 95 and NT have virtual filesystem
with different interfaces.
To implement Coda on these systems some reverse engineering of the
Venus/Kernel protocol is necessary. Also it came to light that other
systems could profit significantly from certain small optimizations
and modifications to the protocol. To facilitate this work as well as
to make future ports easier, communication between Venus and the
kernel should be documented in great detail. This is the aim of this
document.
2. Servicing Coda filesystem calls
===================================
The service of a request for a Coda file system service originates in
a process P which accessing a Coda file. It makes a system call which
traps to the OS kernel. Examples of such calls trapping to the kernel
are ``read``, ``write``, ``open``, ``close``, ``create``, ``mkdir``,
``rmdir``, ``chmod`` in a Unix ontext. Similar calls exist in the Win32
environment, and are named ``CreateFile``.
Generally the operating system handles the request in a virtual
filesystem (VFS) layer, which is named I/O Manager in NT and IFS
manager in Windows 95. The VFS is responsible for partial processing
of the request and for locating the specific filesystem(s) which will
service parts of the request. Usually the information in the path
assists in locating the correct FS drivers. Sometimes after extensive
pre-processing, the VFS starts invoking exported routines in the FS
driver. This is the point where the FS specific processing of the
request starts, and here the Coda specific kernel code comes into
play.
The FS layer for Coda must expose and implement several interfaces.
First and foremost the VFS must be able to make all necessary calls to
the Coda FS layer, so the Coda FS driver must expose the VFS interface
as applicable in the operating system. These differ very significantly
among operating systems, but share features such as facilities to
read/write and create and remove objects. The Coda FS layer services
such VFS requests by invoking one or more well defined services
offered by the cache manager Venus. When the replies from Venus have
come back to the FS driver, servicing of the VFS call continues and
finishes with a reply to the kernel's VFS. Finally the VFS layer
returns to the process.
As a result of this design a basic interface exposed by the FS driver
must allow Venus to manage message traffic. In particular Venus must
be able to retrieve and place messages and to be notified of the
arrival of a new message. The notification must be through a mechanism
which does not block Venus since Venus must attend to other tasks even
when no messages are waiting or being processed.
**Interfaces of the Coda FS Driver**
Furthermore the FS layer provides for a special path of communication
between a user process and Venus, called the pioctl interface. The
pioctl interface is used for Coda specific services, such as
requesting detailed information about the persistent cache managed by
Venus. Here the involvement of the kernel is minimal. It identifies
the calling process and passes the information on to Venus. When
Venus replies the response is passed back to the caller in unmodified
form.
Finally Venus allows the kernel FS driver to cache the results from
certain services. This is done to avoid excessive context switches
and results in an efficient system. However, Venus may acquire
information, for example from the network which implies that cached
information must be flushed or replaced. Venus then makes a downcall
to the Coda FS layer to request flushes or updates in the cache. The
kernel FS driver handles such requests synchronously.
Among these interfaces the VFS interface and the facility to place,
receive and be notified of messages are platform specific. We will
not go into the calls exported to the VFS layer but we will state the
requirements of the message exchange mechanism.
3. The message layer
=====================
At the lowest level the communication between Venus and the FS driver
proceeds through messages. The synchronization between processes
requesting Coda file service and Venus relies on blocking and waking
up processes. The Coda FS driver processes VFS- and pioctl-requests
on behalf of a process P, creates messages for Venus, awaits replies
and finally returns to the caller. The implementation of the exchange
of messages is platform specific, but the semantics have (so far)
appeared to be generally applicable. Data buffers are created by the
FS Driver in kernel memory on behalf of P and copied to user memory in
Venus.
The FS Driver while servicing P makes upcalls to Venus. Such an
upcall is dispatched to Venus by creating a message structure. The
structure contains the identification of P, the message sequence
number, the size of the request and a pointer to the data in kernel
memory for the request. Since the data buffer is re-used to hold the
reply from Venus, there is a field for the size of the reply. A flags
field is used in the message to precisely record the status of the
message. Additional platform dependent structures involve pointers to
determine the position of the message on queues and pointers to
synchronization objects. In the upcall routine the message structure
is filled in, flags are set to 0, and it is placed on the *pending*
queue. The routine calling upcall is responsible for allocating the
data buffer; its structure will be described in the next section.
A facility must exist to notify Venus that the message has been
created, and implemented using available synchronization objects in
the OS. This notification is done in the upcall context of the process
P. When the message is on the pending queue, process P cannot proceed
in upcall. The (kernel mode) processing of P in the filesystem
request routine must be suspended until Venus has replied. Therefore
the calling thread in P is blocked in upcall. A pointer in the
message structure will locate the synchronization object on which P is
sleeping.
Venus detects the notification that a message has arrived, and the FS
driver allow Venus to retrieve the message with a getmsg_from_kernel
call. This action finishes in the kernel by putting the message on the
queue of processing messages and setting flags to READ. Venus is
passed the contents of the data buffer. The getmsg_from_kernel call
now returns and Venus processes the request.
At some later point the FS driver receives a message from Venus,
namely when Venus calls sendmsg_to_kernel. At this moment the Coda FS
driver looks at the contents of the message and decides if:
* the message is a reply for a suspended thread P. If so it removes
the message from the processing queue and marks the message as
WRITTEN. Finally, the FS driver unblocks P (still in the kernel
mode context of Venus) and the sendmsg_to_kernel call returns to
Venus. The process P will be scheduled at some point and continues
processing its upcall with the data buffer replaced with the reply
from Venus.
* The message is a ``downcall``. A downcall is a request from Venus to
the FS Driver. The FS driver processes the request immediately
(usually a cache eviction or replacement) and when it finishes
sendmsg_to_kernel returns.
Now P awakes and continues processing upcall. There are some
subtleties to take account of. First P will determine if it was woken
up in upcall by a signal from some other source (for example an
attempt to terminate P) or as is normally the case by Venus in its
sendmsg_to_kernel call. In the normal case, the upcall routine will
deallocate the message structure and return. The FS routine can proceed
with its processing.
**Sleeping and IPC arrangements**
In case P is woken up by a signal and not by Venus, it will first look
at the flags field. If the message is not yet READ, the process P can
handle its signal without notifying Venus. If Venus has READ, and
the request should not be processed, P can send Venus a signal message
to indicate that it should disregard the previous message. Such
signals are put in the queue at the head, and read first by Venus. If
the message is already marked as WRITTEN it is too late to stop the
processing. The VFS routine will now continue. (-- If a VFS request
involves more than one upcall, this can lead to complicated state, an
extra field "handle_signals" could be added in the message structure
to indicate points of no return have been passed.--)
3.1. Implementation details
----------------------------
The Unix implementation of this mechanism has been through the
implementation of a character device associated with Coda. Venus
retrieves messages by doing a read on the device, replies are sent
with a write and notification is through the select system call on the
file descriptor for the device. The process P is kept waiting on an
interruptible wait queue object.
In Windows NT and the DPMI Windows 95 implementation a DeviceIoControl
call is used. The DeviceIoControl call is designed to copy buffers
from user memory to kernel memory with OPCODES. The sendmsg_to_kernel
is issued as a synchronous call, while the getmsg_from_kernel call is
asynchronous. Windows EventObjects are used for notification of
message arrival. The process P is kept waiting on a KernelEvent
object in NT and a semaphore in Windows 95.
4. The interface at the call level
===================================
This section describes the upcalls a Coda FS driver can make to Venus.
Each of these upcalls make use of two structures: inputArgs and
outputArgs. In pseudo BNF form the structures take the following
form::
struct inputArgs {
u_long opcode;
u_long unique; /* Keep multiple outstanding msgs distinct */
u_short pid; /* Common to all */
u_short pgid; /* Common to all */
struct CodaCred cred; /* Common to all */
<union "in" of call dependent parts of inputArgs>
};
struct outputArgs {
u_long opcode;
u_long unique; /* Keep multiple outstanding msgs distinct */
u_long result;
<union "out" of call dependent parts of inputArgs>
};
Before going on let us elucidate the role of the various fields. The
inputArgs start with the opcode which defines the type of service
requested from Venus. There are approximately 30 upcalls at present
which we will discuss. The unique field labels the inputArg with a
unique number which will identify the message uniquely. A process and
process group id are passed. Finally the credentials of the caller
are included.
Before delving into the specific calls we need to discuss a variety of
data structures shared by the kernel and Venus.
4.1. Data structures shared by the kernel and Venus
----------------------------------------------------
The CodaCred structure defines a variety of user and group ids as
they are set for the calling process. The vuid_t and vgid_t are 32 bit
unsigned integers. It also defines group membership in an array. On
Unix the CodaCred has proven sufficient to implement good security
semantics for Coda but the structure may have to undergo modification
for the Windows environment when these mature::
struct CodaCred {
vuid_t cr_uid, cr_euid, cr_suid, cr_fsuid; /* Real, effective, set, fs uid */
vgid_t cr_gid, cr_egid, cr_sgid, cr_fsgid; /* same for groups */
vgid_t cr_groups[NGROUPS]; /* Group membership for caller */
};
.. Note::
It is questionable if we need CodaCreds in Venus. Finally Venus
doesn't know about groups, although it does create files with the
default uid/gid. Perhaps the list of group membership is superfluous.
The next item is the fundamental identifier used to identify Coda
files, the ViceFid. A fid of a file uniquely defines a file or
directory in the Coda filesystem within a cell [1]_::
typedef struct ViceFid {
VolumeId Volume;
VnodeId Vnode;
Unique_t Unique;
} ViceFid;
.. [1] A cell is agroup of Coda servers acting under the aegis of a single
system control machine or SCM. See the Coda Administration manual
for a detailed description of the role of the SCM.
Each of the constituent fields: VolumeId, VnodeId and Unique_t are
unsigned 32 bit integers. We envisage that a further field will need
to be prefixed to identify the Coda cell; this will probably take the
form of a Ipv6 size IP address naming the Coda cell through DNS.
The next important structure shared between Venus and the kernel is
the attributes of the file. The following structure is used to
exchange information. It has room for future extensions such as
support for device files (currently not present in Coda)::
struct coda_timespec {
int64_t tv_sec; /* seconds */
long tv_nsec; /* nanoseconds */
};
struct coda_vattr {
enum coda_vtype va_type; /* vnode type (for create) */
u_short va_mode; /* files access mode and type */
short va_nlink; /* number of references to file */
vuid_t va_uid; /* owner user id */
vgid_t va_gid; /* owner group id */
long va_fsid; /* file system id (dev for now) */
long va_fileid; /* file id */
u_quad_t va_size; /* file size in bytes */
long va_blocksize; /* blocksize preferred for i/o */
struct coda_timespec va_atime; /* time of last access */
struct coda_timespec va_mtime; /* time of last modification */
struct coda_timespec va_ctime; /* time file changed */
u_long va_gen; /* generation number of file */
u_long va_flags; /* flags defined for file */
dev_t va_rdev; /* device special file represents */
u_quad_t va_bytes; /* bytes of disk space held by file */
u_quad_t va_filerev; /* file modification number */
u_int va_vaflags; /* operations flags, see below */
long va_spare; /* remain quad aligned */
};
4.2. The pioctl interface
--------------------------
Coda specific requests can be made by application through the pioctl
interface. The pioctl is implemented as an ordinary ioctl on a
fictitious file /coda/.CONTROL. The pioctl call opens this file, gets
a file handle and makes the ioctl call. Finally it closes the file.
The kernel involvement in this is limited to providing the facility to
open and close and pass the ioctl message and to verify that a path in
the pioctl data buffers is a file in a Coda filesystem.
The kernel is handed a data packet of the form::
struct {
const char *path;
struct ViceIoctl vidata;
int follow;
} data;
where::
struct ViceIoctl {
caddr_t in, out; /* Data to be transferred in, or out */
short in_size; /* Size of input buffer <= 2K */
short out_size; /* Maximum size of output buffer, <= 2K */
};
The path must be a Coda file, otherwise the ioctl upcall will not be
made.
.. Note:: The data structures and code are a mess. We need to clean this up.
**We now proceed to document the individual calls**:
4.3. root
----------
Arguments
in
empty
out::
struct cfs_root_out {
ViceFid VFid;
} cfs_root;
Description
This call is made to Venus during the initialization of
the Coda filesystem. If the result is zero, the cfs_root structure
contains the ViceFid of the root of the Coda filesystem. If a non-zero
result is generated, its value is a platform dependent error code
indicating the difficulty Venus encountered in locating the root of
the Coda filesystem.
4.4. lookup
------------
Summary
Find the ViceFid and type of an object in a directory if it exists.
Arguments
in::
struct cfs_lookup_in {
ViceFid VFid;
char *name; /* Place holder for data. */
} cfs_lookup;
out::
struct cfs_lookup_out {
ViceFid VFid;
int vtype;
} cfs_lookup;
Description
This call is made to determine the ViceFid and filetype of
a directory entry. The directory entry requested carries name 'name'
and Venus will search the directory identified by cfs_lookup_in.VFid.
The result may indicate that the name does not exist, or that
difficulty was encountered in finding it (e.g. due to disconnection).
If the result is zero, the field cfs_lookup_out.VFid contains the
targets ViceFid and cfs_lookup_out.vtype the coda_vtype giving the
type of object the name designates.
The name of the object is an 8 bit character string of maximum length
CFS_MAXNAMLEN, currently set to 256 (including a 0 terminator.)
It is extremely important to realize that Venus bitwise ors the field
cfs_lookup.vtype with CFS_NOCACHE to indicate that the object should
not be put in the kernel name cache.
.. Note::
The type of the vtype is currently wrong. It should be
coda_vtype. Linux does not take note of CFS_NOCACHE. It should.
4.5. getattr
-------------
Summary Get the attributes of a file.
Arguments
in::
struct cfs_getattr_in {
ViceFid VFid;
struct coda_vattr attr; /* XXXXX */
} cfs_getattr;
out::
struct cfs_getattr_out {
struct coda_vattr attr;
} cfs_getattr;
Description
This call returns the attributes of the file identified by fid.
Errors
Errors can occur if the object with fid does not exist, is
unaccessible or if the caller does not have permission to fetch
attributes.
.. Note::
Many kernel FS drivers (Linux, NT and Windows 95) need to acquire
the attributes as well as the Fid for the instantiation of an internal
"inode" or "FileHandle". A significant improvement in performance on
such systems could be made by combining the lookup and getattr calls
both at the Venus/kernel interaction level and at the RPC level.
The vattr structure included in the input arguments is superfluous and
should be removed.
4.6. setattr
-------------
Summary
Set the attributes of a file.
Arguments
in::
struct cfs_setattr_in {
ViceFid VFid;
struct coda_vattr attr;
} cfs_setattr;
out
empty
Description
The structure attr is filled with attributes to be changed
in BSD style. Attributes not to be changed are set to -1, apart from
vtype which is set to VNON. Other are set to the value to be assigned.
The only attributes which the FS driver may request to change are the
mode, owner, groupid, atime, mtime and ctime. The return value
indicates success or failure.
Errors
A variety of errors can occur. The object may not exist, may
be inaccessible, or permission may not be granted by Venus.
4.7. access
------------
Arguments
in::
struct cfs_access_in {
ViceFid VFid;
int flags;
} cfs_access;
out
empty
Description
Verify if access to the object identified by VFid for
operations described by flags is permitted. The result indicates if
access will be granted. It is important to remember that Coda uses
ACLs to enforce protection and that ultimately the servers, not the
clients enforce the security of the system. The result of this call
will depend on whether a token is held by the user.
Errors
The object may not exist, or the ACL describing the protection
may not be accessible.
4.8. create
------------
Summary
Invoked to create a file
Arguments
in::
struct cfs_create_in {
ViceFid VFid;
struct coda_vattr attr;
int excl;
int mode;
char *name; /* Place holder for data. */
} cfs_create;
out::
struct cfs_create_out {
ViceFid VFid;
struct coda_vattr attr;
} cfs_create;
Description
This upcall is invoked to request creation of a file.
The file will be created in the directory identified by VFid, its name
will be name, and the mode will be mode. If excl is set an error will
be returned if the file already exists. If the size field in attr is
set to zero the file will be truncated. The uid and gid of the file
are set by converting the CodaCred to a uid using a macro CRTOUID
(this macro is platform dependent). Upon success the VFid and
attributes of the file are returned. The Coda FS Driver will normally
instantiate a vnode, inode or file handle at kernel level for the new
object.
Errors
A variety of errors can occur. Permissions may be insufficient.
If the object exists and is not a file the error EISDIR is returned
under Unix.
.. Note::
The packing of parameters is very inefficient and appears to
indicate confusion between the system call creat and the VFS operation
create. The VFS operation create is only called to create new objects.
This create call differs from the Unix one in that it is not invoked
to return a file descriptor. The truncate and exclusive options,
together with the mode, could simply be part of the mode as it is
under Unix. There should be no flags argument; this is used in open
(2) to return a file descriptor for READ or WRITE mode.
The attributes of the directory should be returned too, since the size
and mtime changed.
4.9. mkdir
-----------
Summary
Create a new directory.
Arguments
in::
struct cfs_mkdir_in {
ViceFid VFid;
struct coda_vattr attr;
char *name; /* Place holder for data. */
} cfs_mkdir;
out::
struct cfs_mkdir_out {
ViceFid VFid;
struct coda_vattr attr;
} cfs_mkdir;
Description
This call is similar to create but creates a directory.
Only the mode field in the input parameters is used for creation.
Upon successful creation, the attr returned contains the attributes of
the new directory.
Errors
As for create.
.. Note::
The input parameter should be changed to mode instead of
attributes.
The attributes of the parent should be returned since the size and
mtime changes.
4.10. link
-----------
Summary
Create a link to an existing file.
Arguments
in::
struct cfs_link_in {
ViceFid sourceFid; /* cnode to link *to* */
ViceFid destFid; /* Directory in which to place link */
char *tname; /* Place holder for data. */
} cfs_link;
out
empty
Description
This call creates a link to the sourceFid in the directory
identified by destFid with name tname. The source must reside in the
target's parent, i.e. the source must be have parent destFid, i.e. Coda
does not support cross directory hard links. Only the return value is
relevant. It indicates success or the type of failure.
Errors
The usual errors can occur.
4.11. symlink
--------------
Summary
create a symbolic link
Arguments
in::
struct cfs_symlink_in {
ViceFid VFid; /* Directory to put symlink in */
char *srcname;
struct coda_vattr attr;
char *tname;
} cfs_symlink;
out
none
Description
Create a symbolic link. The link is to be placed in the
directory identified by VFid and named tname. It should point to the
pathname srcname. The attributes of the newly created object are to
be set to attr.
.. Note::
The attributes of the target directory should be returned since
its size changed.
4.12. remove
-------------
Summary
Remove a file
Arguments
in::
struct cfs_remove_in {
ViceFid VFid;
char *name; /* Place holder for data. */
} cfs_remove;
out
none
Description
Remove file named cfs_remove_in.name in directory
identified by VFid.
.. Note::
The attributes of the directory should be returned since its
mtime and size may change.
4.13. rmdir
------------
Summary
Remove a directory
Arguments
in::
struct cfs_rmdir_in {
ViceFid VFid;
char *name; /* Place holder for data. */
} cfs_rmdir;
out
none
Description
Remove the directory with name 'name' from the directory
identified by VFid.
.. Note:: The attributes of the parent directory should be returned since
its mtime and size may change.
4.14. readlink
---------------
Summary
Read the value of a symbolic link.
Arguments
in::
struct cfs_readlink_in {
ViceFid VFid;
} cfs_readlink;
out::
struct cfs_readlink_out {
int count;
caddr_t data; /* Place holder for data. */
} cfs_readlink;
Description
This routine reads the contents of symbolic link
identified by VFid into the buffer data. The buffer data must be able
to hold any name up to CFS_MAXNAMLEN (PATH or NAM??).
Errors
No unusual errors.
4.15. open
-----------
Summary
Open a file.
Arguments
in::
struct cfs_open_in {
ViceFid VFid;
int flags;
} cfs_open;
out::
struct cfs_open_out {
dev_t dev;
ino_t inode;
} cfs_open;
Description
This request asks Venus to place the file identified by
VFid in its cache and to note that the calling process wishes to open
it with flags as in open(2). The return value to the kernel differs
for Unix and Windows systems. For Unix systems the Coda FS Driver is
informed of the device and inode number of the container file in the
fields dev and inode. For Windows the path of the container file is
returned to the kernel.
.. Note::
Currently the cfs_open_out structure is not properly adapted to
deal with the Windows case. It might be best to implement two
upcalls, one to open aiming at a container file name, the other at a
container file inode.
4.16. close
------------
Summary
Close a file, update it on the servers.
Arguments
in::
struct cfs_close_in {
ViceFid VFid;
int flags;
} cfs_close;
out
none
Description
Close the file identified by VFid.
.. Note::
The flags argument is bogus and not used. However, Venus' code
has room to deal with an execp input field, probably this field should
be used to inform Venus that the file was closed but is still memory
mapped for execution. There are comments about fetching versus not
fetching the data in Venus vproc_vfscalls. This seems silly. If a
file is being closed, the data in the container file is to be the new
data. Here again the execp flag might be in play to create confusion:
currently Venus might think a file can be flushed from the cache when
it is still memory mapped. This needs to be understood.
4.17. ioctl
------------
Summary
Do an ioctl on a file. This includes the pioctl interface.
Arguments
in::
struct cfs_ioctl_in {
ViceFid VFid;
int cmd;
int len;
int rwflag;
char *data; /* Place holder for data. */
} cfs_ioctl;
out::
struct cfs_ioctl_out {
int len;
caddr_t data; /* Place holder for data. */
} cfs_ioctl;
Description
Do an ioctl operation on a file. The command, len and
data arguments are filled as usual. flags is not used by Venus.
.. Note::
Another bogus parameter. flags is not used. What is the
business about PREFETCHING in the Venus code?
4.18. rename
-------------
Summary
Rename a fid.
Arguments
in::
struct cfs_rename_in {
ViceFid sourceFid;
char *srcname;
ViceFid destFid;
char *destname;
} cfs_rename;
out
none
Description
Rename the object with name srcname in directory
sourceFid to destname in destFid. It is important that the names
srcname and destname are 0 terminated strings. Strings in Unix
kernels are not always null terminated.
4.19. readdir
--------------
Summary
Read directory entries.
Arguments
in::
struct cfs_readdir_in {
ViceFid VFid;
int count;
int offset;
} cfs_readdir;
out::
struct cfs_readdir_out {
int size;
caddr_t data; /* Place holder for data. */
} cfs_readdir;
Description
Read directory entries from VFid starting at offset and
read at most count bytes. Returns the data in data and returns
the size in size.
.. Note::
This call is not used. Readdir operations exploit container
files. We will re-evaluate this during the directory revamp which is
about to take place.
4.20. vget
-----------
Summary
instructs Venus to do an FSDB->Get.
Arguments
in::
struct cfs_vget_in {
ViceFid VFid;
} cfs_vget;
out::
struct cfs_vget_out {
ViceFid VFid;
int vtype;
} cfs_vget;
Description
This upcall asks Venus to do a get operation on an fsobj
labelled by VFid.
.. Note::
This operation is not used. However, it is extremely useful
since it can be used to deal with read/write memory mapped files.
These can be "pinned" in the Venus cache using vget and released with
inactive.
4.21. fsync
------------
Summary
Tell Venus to update the RVM attributes of a file.
Arguments
in::
struct cfs_fsync_in {
ViceFid VFid;
} cfs_fsync;
out
none
Description
Ask Venus to update RVM attributes of object VFid. This
should be called as part of kernel level fsync type calls. The
result indicates if the syncing was successful.
.. Note:: Linux does not implement this call. It should.
4.22. inactive
---------------
Summary
Tell Venus a vnode is no longer in use.
Arguments
in::
struct cfs_inactive_in {
ViceFid VFid;
} cfs_inactive;
out
none
Description
This operation returns EOPNOTSUPP.
.. Note:: This should perhaps be removed.
4.23. rdwr
-----------
Summary
Read or write from a file
Arguments
in::
struct cfs_rdwr_in {
ViceFid VFid;
int rwflag;
int count;
int offset;
int ioflag;
caddr_t data; /* Place holder for data. */
} cfs_rdwr;
out::
struct cfs_rdwr_out {
int rwflag;
int count;
caddr_t data; /* Place holder for data. */
} cfs_rdwr;
Description
This upcall asks Venus to read or write from a file.
.. Note::
It should be removed since it is against the Coda philosophy that
read/write operations never reach Venus. I have been told the
operation does not work. It is not currently used.
4.24. odymount
---------------
Summary
Allows mounting multiple Coda "filesystems" on one Unix mount point.
Arguments
in::
struct ody_mount_in {
char *name; /* Place holder for data. */
} ody_mount;
out::
struct ody_mount_out {
ViceFid VFid;
} ody_mount;
Description
Asks Venus to return the rootfid of a Coda system named
name. The fid is returned in VFid.
.. Note::
This call was used by David for dynamic sets. It should be
removed since it causes a jungle of pointers in the VFS mounting area.
It is not used by Coda proper. Call is not implemented by Venus.
4.25. ody_lookup
-----------------
Summary
Looks up something.
Arguments
in
irrelevant
out
irrelevant
.. Note:: Gut it. Call is not implemented by Venus.
4.26. ody_expand
-----------------
Summary
expands something in a dynamic set.
Arguments
in
irrelevant
out
irrelevant
.. Note:: Gut it. Call is not implemented by Venus.
4.27. prefetch
---------------
Summary
Prefetch a dynamic set.
Arguments
in
Not documented.
out
Not documented.
Description
Venus worker.cc has support for this call, although it is
noted that it doesn't work. Not surprising, since the kernel does not
have support for it. (ODY_PREFETCH is not a defined operation).
.. Note:: Gut it. It isn't working and isn't used by Coda.
4.28. signal
-------------
Summary
Send Venus a signal about an upcall.
Arguments
in
none
out
not applicable.
Description
This is an out-of-band upcall to Venus to inform Venus
that the calling process received a signal after Venus read the
message from the input queue. Venus is supposed to clean up the
operation.
Errors
No reply is given.
.. Note::
We need to better understand what Venus needs to clean up and if
it is doing this correctly. Also we need to handle multiple upcall
per system call situations correctly. It would be important to know
what state changes in Venus take place after an upcall for which the
kernel is responsible for notifying Venus to clean up (e.g. open
definitely is such a state change, but many others are maybe not).
5. The minicache and downcalls
===============================
The Coda FS Driver can cache results of lookup and access upcalls, to
limit the frequency of upcalls. Upcalls carry a price since a process
context switch needs to take place. The counterpart of caching the
information is that Venus will notify the FS Driver that cached
entries must be flushed or renamed.
The kernel code generally has to maintain a structure which links the
internal file handles (called vnodes in BSD, inodes in Linux and
FileHandles in Windows) with the ViceFid's which Venus maintains. The
reason is that frequent translations back and forth are needed in
order to make upcalls and use the results of upcalls. Such linking
objects are called cnodes.
The current minicache implementations have cache entries which record
the following:
1. the name of the file
2. the cnode of the directory containing the object
3. a list of CodaCred's for which the lookup is permitted.
4. the cnode of the object
The lookup call in the Coda FS Driver may request the cnode of the
desired object from the cache, by passing its name, directory and the
CodaCred's of the caller. The cache will return the cnode or indicate
that it cannot be found. The Coda FS Driver must be careful to
invalidate cache entries when it modifies or removes objects.
When Venus obtains information that indicates that cache entries are
no longer valid, it will make a downcall to the kernel. Downcalls are
intercepted by the Coda FS Driver and lead to cache invalidations of
the kind described below. The Coda FS Driver does not return an error
unless the downcall data could not be read into kernel memory.
5.1. INVALIDATE
----------------
No information is available on this call.
5.2. FLUSH
-----------
Arguments
None
Summary
Flush the name cache entirely.
Description
Venus issues this call upon startup and when it dies. This
is to prevent stale cache information being held. Some operating
systems allow the kernel name cache to be switched off dynamically.
When this is done, this downcall is made.
5.3. PURGEUSER
---------------
Arguments
::
struct cfs_purgeuser_out {/* CFS_PURGEUSER is a venus->kernel call */
struct CodaCred cred;
} cfs_purgeuser;
Description
Remove all entries in the cache carrying the Cred. This
call is issued when tokens for a user expire or are flushed.
5.4. ZAPFILE
-------------
Arguments
::
struct cfs_zapfile_out { /* CFS_ZAPFILE is a venus->kernel call */
ViceFid CodaFid;
} cfs_zapfile;
Description
Remove all entries which have the (dir vnode, name) pair.
This is issued as a result of an invalidation of cached attributes of
a vnode.
.. Note::
Call is not named correctly in NetBSD and Mach. The minicache
zapfile routine takes different arguments. Linux does not implement
the invalidation of attributes correctly.
5.5. ZAPDIR
------------
Arguments
::
struct cfs_zapdir_out { /* CFS_ZAPDIR is a venus->kernel call */
ViceFid CodaFid;
} cfs_zapdir;
Description
Remove all entries in the cache lying in a directory
CodaFid, and all children of this directory. This call is issued when
Venus receives a callback on the directory.
5.6. ZAPVNODE
--------------
Arguments
::
struct cfs_zapvnode_out { /* CFS_ZAPVNODE is a venus->kernel call */
struct CodaCred cred;
ViceFid VFid;
} cfs_zapvnode;
Description
Remove all entries in the cache carrying the cred and VFid
as in the arguments. This downcall is probably never issued.
5.7. PURGEFID
--------------
Arguments
::
struct cfs_purgefid_out { /* CFS_PURGEFID is a venus->kernel call */
ViceFid CodaFid;
} cfs_purgefid;
Description
Flush the attribute for the file. If it is a dir (odd
vnode), purge its children from the namecache and remove the file from the
namecache.
5.8. REPLACE
-------------
Summary
Replace the Fid's for a collection of names.
Arguments
::
struct cfs_replace_out { /* cfs_replace is a venus->kernel call */
ViceFid NewFid;
ViceFid OldFid;
} cfs_replace;
Description
This routine replaces a ViceFid in the name cache with
another. It is added to allow Venus during reintegration to replace
locally allocated temp fids while disconnected with global fids even
when the reference counts on those fids are not zero.
6. Initialization and cleanup
==============================
This section gives brief hints as to desirable features for the Coda
FS Driver at startup and upon shutdown or Venus failures. Before
entering the discussion it is useful to repeat that the Coda FS Driver
maintains the following data:
1. message queues
2. cnodes
3. name cache entries
The name cache entries are entirely private to the driver, so they
can easily be manipulated. The message queues will generally have
clear points of initialization and destruction. The cnodes are
much more delicate. User processes hold reference counts in Coda
filesystems and it can be difficult to clean up the cnodes.
It can expect requests through:
1. the message subsystem
2. the VFS layer
3. pioctl interface
Currently the pioctl passes through the VFS for Coda so we can
treat these similarly.
6.1. Requirements
------------------
The following requirements should be accommodated:
1. The message queues should have open and close routines. On Unix
the opening of the character devices are such routines.
- Before opening, no messages can be placed.
- Opening will remove any old messages still pending.
- Close will notify any sleeping processes that their upcall cannot
be completed.
- Close will free all memory allocated by the message queues.
2. At open the namecache shall be initialized to empty state.
3. Before the message queues are open, all VFS operations will fail.
Fortunately this can be achieved by making sure than mounting the
Coda filesystem cannot succeed before opening.
4. After closing of the queues, no VFS operations can succeed. Here
one needs to be careful, since a few operations (lookup,
read/write, readdir) can proceed without upcalls. These must be
explicitly blocked.
5. Upon closing the namecache shall be flushed and disabled.
6. All memory held by cnodes can be freed without relying on upcalls.
7. Unmounting the file system can be done without relying on upcalls.
8. Mounting the Coda filesystem should fail gracefully if Venus cannot
get the rootfid or the attributes of the rootfid. The latter is
best implemented by Venus fetching these objects before attempting
to mount.
.. Note::
NetBSD in particular but also Linux have not implemented the
above requirements fully. For smooth operation this needs to be
corrected.